METASCAN, automated web application and network security audit


Hey everyone, just wanted to show you a recently created service for automated web application and network security scanning.

If some of you are hosting your own web applications, perhaps you could test it. If you actually do, please check if there is some vulnerability Metascan could not find.

Features:

1. Scans all 65535 ports on target hosts. The scan might take a while but it makes sure that all running services are found.

2. All the services running on the host are checked for available vulnerabilities using the CVEdetails DB.

3. All input forms and HTTP parameters are tested for the most common web application vulnerabilities (XSS, SQLi, XXE and other OWASP Top 10 attacks).

4. 40 protocols can be brute forced with Metascan's unique password dictionary. The dictionary has quite a long history as it was made up of real user passwords from recent data leaks. Most pentesters I know are building their own dictionaries; METASCAN's one is huge.

5. WordPress is tested separately with multiple tools and dir listing dictionaries for WordPress version, plugin and theme enumeration. After the versions of plugins and the CMS itself are revealed, METASCAN automatically searches for public exploits. The key word in METASCAN is "automatically"; I'd say it's like an automatic pentester.

6. METASCAN is capable of subdomain enumeration too, so in case you have left some subdomains/testing servers and beta version servers public, there will be info about them in the end report too. In my experience it is a common problem, especially for ICOs.

The reason I created this post is to provide website administrators, who are most likely to be hanging out here, with a useful service for automated web application security assessment. The solution could be useful in case you are not a pentester/whitehat yourself, but need to get some sense of how secure your website is without paying for human work, which is much more expensive. Also, the scan is performed using all the tools an attacker could use to attack your web application. Also, METASCAN is probably the best solution in case you need to scan multiple hosts or a huge network. The network scanner is capable of scanning huge subnets, like /80.

Hope you like it, and any feedback is always appreciated. It took a lot of coding and time to roll out this project.